Network control node detection method and system

A network control node detection method, applied in the fields of transmission systems, electrical components, etc., that can solve the problems of being unable to fully acquire botnet control nodes and being unable to ensure complete capture of samples of the same family.

Inactive Publication Date: 2017-04-26
BEIJING ANTIY NETWORK SAFETY TECH CO LTD

AI Technical Summary

Problems solved by technology

Extracting samples from botnet control nodes is a relatively fast way, but there are also certain defects, because VirusTotal cannot ensu


Example Embodiment

[0019] The preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings. In the description, details and functions that are not necessary for the present invention are omitted so as not to obscure the understanding of the present invention. Although exemplary embodiments are shown in the drawings, it should be understood that the present invention can be implemented in various forms and should not be limited by the embodiments set forth herein. On the contrary, these embodiments are provided to enable a more thorough understanding of the present disclosure and to fully convey the scope of the present invention to those skilled in the art.

[0020] In the present invention, the botnet family and version are classified automatically and quickly based on the known botnet family and its extended version server side sample size, the commonly used port of the botnet virus family control node and other informat...


Abstract

The invention discloses a network control node detection method and system. The method includes: classifying botnet families and versions based on the botnet families and extended version samples thereof, and obtaining a network control node and common port information thereof through a static configuration decryption method; automatically obtaining a corresponding IP, an IP network segment and port information based on the network control node; and detecting a new network control node through automatic and batch enumeration communication of the IP, a port, and a common port and communication protocol feature matching one by one. According to the method and system, the problem of failure of obtaining more unknown botnet control nodes of the same family in the prior art is solved.
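The enumeration and feature-matching steps of the abstract, as an added example that is not taken from the patent: known control nodes are expanded to their network segment and the family's common ports, and each candidate's response is checked against a protocol feature. The family name, port list, 5-byte signature, addresses (documentation range) and responses are all constructed assumptions, and the probe replays stored responses so the block runs offline.

```python
import ipaddress

# Constructed sample data: nodes recovered from decrypted sample configurations.
KNOWN_NODES = [("198.51.100.10", 8080), ("198.51.100.77", 4443)]
COMMON_PORTS = {"family_a": [8080, 4443]}  # hypothetical family port list


def family_a_feature(resp: bytes) -> bool:
    """Hypothetical protocol feature: 4-byte magic followed by version 1 or 2."""
    return len(resp) >= 5 and resp[:4] == b"\x13\x37BC" and resp[4] in (1, 2)


SIGNATURES = {"family_a": family_a_feature}

# Constructed responses standing in for what a probe of each candidate returned.
CONSTRUCTED_RESPONSES = {
    ("198.51.100.23", 4443): b"\x13\x37BC\x02hello",    # magic and version match
    ("198.51.100.23", 8080): b"HTTP/1.1 200 OK\r\n",   # unrelated web server
    ("198.51.100.200", 8080): b"\x13\x37BC\x09",        # magic only, bad version
}


def replay_probe(ip, port):
    """Return the stored response for a candidate, or None if it did not answer."""
    return CONSTRUCTED_RESPONSES.get((ip, port))


def candidates(known, family, prefix=24):
    """Expand known nodes to every (ip, port) in their segment x port set."""
    ports = sorted(set(COMMON_PORTS[family]) | {p for _, p in known})
    nets = sorted({ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
                   for ip, _ in known})
    already = set(known)
    return [(str(h), p) for n in nets for h in n.hosts() for p in ports
            if (str(h), p) not in already]


def detect(known, family, probe):
    """Keep only candidates whose response matches the family's feature."""
    matches = SIGNATURES[family]
    found = []
    for ip, port in candidates(known, family):
        resp = probe(ip, port)
        if resp is not None and matches(resp):
            found.append((ip, port))
    return found


if __name__ == "__main__":
    print(detect(KNOWN_NODES, "family_a", replay_probe))
```

Matching on the full feature rather than on an open port is what keeps the ordinary web server and the partial match out of the result.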

Description

Technical field

[0001] The invention relates to the technical field of computer security, and in particular to a method and system for detecting a network control node.

Background technique

[0002] To realize the automated botnet monitoring process, three steps need to be implemented: family identification and reverse analysis of family communication protocols; automated monitoring and protocol analysis scripts; batch input of botnet control nodes for batch automated monitoring. After the first two steps are realized, more active botnet control nodes need to be input to realize intensive monitoring of single-family botnets and generate more monitoring data.

[0003] However, botnet control nodes can be acquired by obtaining detected samples through VirusTotal for sample extraction. Extracting samples from botnet control nodes is a relatively fast method, but there are also certain defects, because VirusTotal cannot ensure that it can completely capture the latest s...


Application Information

IPC(8): H04L29/06, H04L29/12
CPC: H04L63/0236, H04L63/1466, H04L2463/144, H04L61/4511
Inventor: 康学斌, 黄云宇, 肖新光
Owner: BEIJING ANTIY NETWORK SAFETY TECH CO LTD